1 SSH Account: Gitolite + Shell Access

Here’s a situation I found myself in:

  • I have 1 ssh user available to me
  • I wish to have shell access to this user
  • I wish to use this user for multi-user git repositories

Here’s the solution I found: Use an ssh ‘config’ file and gitolite. I followed the instructions from Pro Git to install gitolite. I will repeat them here for convenience. Replace words starting with ‘my_’ with names respective to your setup.

  1. Create a key pair with no passphrase.
    2. $ ssh-keygen -t rsa
  2. Copy your public key to the remote server. (Note: some OSs have the command ssh-copy-id. Run ‘ssh-copy-id -i ~/.ssh/id_rsa my_remote_user@my_remote_server‘ to skip the following step).
    3. $ scp ~/.ssh/id_rsa.pub my_remote_user@my_remote_server:~/
$ ssh my_remote_user@my_remote_server
my_remote_user@my_remote_server:~$ cat id_rsa.pub >> .ssh/authorized_keys
my_remote_user@my_remote_server:~$ rm id_rsa.pub
my_remote_user@my_remote_server:~$ exit
  3. Clone gitolite source and install it. Replace git_admin with the desired gitolite admin user name. The passphrase-prompt asks you for a passphrase to protect your gitolite private key. I left it blank.
    4. $ git clone git://github.com/sitaramc/gitolite
$ cd gitolite/src
$ ./gl-easy-install -q my_remote_user my_remote_server git_admin
    The install creates the following files in your home directory: 
    .ssh/git_admin
.ssh/git_admin.pub
    The install creates the following files/folders in my_remote_user‘s home directory: 
    .cache/
.gitolite/
gitolite-install/
.gitolite.rc
projects.list
repositories/
  4. Open my_user’s ssh config file for editing with your favorite text editor.
    5. $ pico ~/.ssh/config
  5. Add something like the following, substituting in your respective info, and save.
    6. Host my_gitolite_server
    Hostname my_remote_server
    User my_remote_user
    Port 22
    IdentityFile ~/.ssh/git_admin
  6. When you wish to use clone/pull/push/etc with your gitolite server, usemy_gitolite_server instead of my_remote_user@my_remote_server.
    7. git clone my_gitolite_server:my_favorite_repo

Note: If you’re on OS X, ssh-agent may save your password for shell access, preventing you from using your git key. Enter ‘killall ssh-agent’ at command line to erase its keys before connecting to your gitolite server. Don’t worry, your key files will by fine.

UPDATE (12 Aug 2011): Some versions of openssh will die with the message ‘PTY allocation request failed on channel 0′. Until I figure out how to fix this properly, my remedy is to append the following to ~/.profile:

GIT_SSH='ssh -T'
Posted Feb 20 2011
#git #gitolite #ssh
5 notes

RSS | Archive | Theme: Optimus